14 Oct 2016

Arbitrary File Upload Vulnerability in WP Marketplace

With certain types of plugins you would hope that developers would be extra careful about security. eCommerce plugins are one of those types, for obvious reasons, but we have continued to see poor security practices in them. Among the vulnerabilities we have found in them this year have been two arbitrary file upload vulnerabilities, which is probably the type of vulnerability most likely to be exploited. As part of our monitoring of hacker activity we have just spotted another one, and this one is likely already being exploited.

Within the last day we had a request for the file /wp-content/plugins/wpmarketplace/css/extends_page.css, which is part of the plugin WP Marketplace. A request for a file from a plugin that isn’t installed on a website is usually an indication that a hacker is probing for usage of the plugin before exploiting something. We have also seen requests for the file in the third-party data we monitor.
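
The same signal can be looked for in a site's own access logs. The following is an added example, not code from the original post: it flags requests under /wp-content/plugins/ for plugins that are not in the site's installed list. The function name, the sample log lines and the installed-plugin list are constructed for illustration.

```python
import re
from collections import defaultdict
from urllib.parse import unquote

# Constructed sample access log (combined format); client IPs are documentation ranges.
SAMPLE_LOG = """\
203.0.113.7 - - [14/Oct/2016:03:12:45 +0000] "GET /wp-content/plugins/wpmarketplace/css/extends_page.css HTTP/1.1" 404 512 "-" "Mozilla/5.0"
198.51.100.23 - - [14/Oct/2016:03:15:02 +0000] "GET /wp-content/plugins/akismet/_inc/form.js?ver=3.2 HTTP/1.1" 200 700 "-" "Mozilla/5.0"
203.0.113.99 - - [14/Oct/2016:05:40:11 +0000] "GET /blog/wp-content/plugins/WPMarketplace/css/extends_page.css?x=1 HTTP/1.1" 404 512 "-" "-"
192.0.2.50 - - [14/Oct/2016:04:01:33 +0000] "GET /index.php HTTP/1.1" 200 9000 "-" "Mozilla/5.0"
this line is malformed and must be skipped
"""

# Client IP and request target from a combined-format log line.
LINE_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "[A-Z]+ (?P<target>\S+)[^"]*" \d{3} ')
# Plugin directory name (slug); also matches WordPress installed in a subdirectory.
PLUGIN_RE = re.compile(r"/wp-content/plugins/([^/]+)/", re.IGNORECASE)


def find_plugin_probes(log_text, installed_plugins):
    """Return {plugin_slug: {client_ip: request_count}} for plugins not installed."""
    installed = {slug.lower() for slug in installed_plugins}
    probes = defaultdict(lambda: defaultdict(int))
    for line in log_text.splitlines():
        match = LINE_RE.match(line)
        if not match:
            continue  # not a parsable request line
        # Drop the query string first, then decode percent-encoding in the path.
        path = unquote(match.group("target").split("?", 1)[0])
        plugin = PLUGIN_RE.search(path)
        if not plugin:
            continue
        slug = plugin.group(1).lower()
        if slug not in installed:
            probes[slug][match.group("ip")] += 1
    return {slug: dict(ips) for slug, ips in probes.items()}


if __name__ == "__main__":
    # Assumed inventory: the directory names under wp-content/plugins on this site.
    installed = ["akismet", "contact-form-7"]
    for slug, ips in find_plugin_probes(SAMPLE_LOG, installed).items():
        print(f"requests for plugin not installed: {slug} from {sorted(ips)}")
```

The installed list should come from the directories actually present under wp-content/plugins, since a deactivated plugin's files can still be requested.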